Network Working Group                                   Thomas D. Nadeau
Internet Draft                                       Cisco Systems, Inc.
Category: Standards Track
Expiration Date: September 2007
                                                          George Swallow
                                                     Cisco Systems, Inc.

                                                              March 2007


                 Detecting MPLS Data Plane Failures in
                 Inter-AS and inter-provider Scenarios


                 draft-ietf-mpls-interas-lspping-00.txt

Status of this Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, in accordance with Section 6 of BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/1id-abstracts.html

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html


Abstract

   This document describes a simple and efficient mechanism that can be
   used to detect data plane failures in Multi-Protocol Label Switching
   Label Switched Paths that extend beyond a single Autonomous System
   and/or across multiple Service Provider network boundaries.  This
   document describes extensions to the existing MPLS LSP Ping protocol
   to achieve these goals.



Nadeau & Swallow             Standards Track                    [Page 1]


Internet Draft   draft-ietf-mpls-interas-lspping-00.txt       March 2007


Contents

 1      Introduction  ..............................................   3
 2      Terminology  ...............................................   3
 2.1    Conventions used in this document  .........................   3
 2.2    Terminology  ...............................................   3
 2.3    Acronyms  ..................................................   4
 3      Structure of This Document  ................................   4
 4      Motivation  ................................................   4
 5      Inter-AS TLVs  .............................................   5
 5.1    Inter-AS TLV  ..............................................   5
 5.1.1  IPv4 Inter-AS TLV  .........................................   7
 5.1.2  IPv6 Inter-AS TLV  .........................................   8
 5.1.3  Visited ASBR Address Stack  ................................   9
 6      Error Code(s)  .............................................  11
 7      Theory of Operation  .......................................  11
 7.1    Adjustments to Outgoing Labels  ............................  12
 7.2    Receiving Echo Replies  ....................................  12
 8      Security Considerations  ...................................  14
 9      IANA Considerations  .......................................  14
 9.1    Message Types, Reply Modes, Return Codes  ..................  14
 9.2    TLVs  ......................................................  15
10      References  ................................................  15
10.1    Normative References  ......................................  15
10.2    Informative References  ....................................  15
11      Acknowledgments  ...........................................  16
12      Authors' Addresses  ........................................  16
























Nadeau & Swallow             Standards Track                    [Page 2]


Internet Draft   draft-ietf-mpls-interas-lspping-00.txt       March 2007


1. Introduction

   This document describes a simple and efficient mechanism that can be
   used to detect data plane failures in MPLS LSPs that span across mul-
   tiple Autonomous System (AS) and service provider boundaries.  At
   present, the existing MPLS LSP Ping protocol cannot handle all but
   one of these cases.  This document first explains the scenarios where
   the existing protocol is inadequate, then describes information car-
   ried in extended MPLS "echo request" and "echo reply" messages; and
   finally describes enhanced mechanisms for transporting the echo
   reply, as well as processing it at intermediate points (both in an
   out of the originating AS).

   An important consideration in this design is that MPLS echo requests
   follow the same data path that normal MPLS packets would traverse.
   MPLS echo requests are meant primarily to validate the data plane,
   and secondarily to verify the data plane against the control plane.
   Mechanisms to check the control plane are valuable, but are not cov-
   ered in this document.

   As is described in [RFC4379], to avoid potential Denial of Service
   attacks, it is recommended to regulate the LSP ping traffic going to
   the control plane.  A rate limiter should be applied to the well-
   known UDP port defined below.  Furthermore, due to the fact that
   there are data exchanges between provider networks which may wish to
   hide the details of their network, it is recommended that the inter-
   AS border routers provide operators with control over what informa-
   tion (i.e.: addresses) in these messages.


2. Terminology

2.1. Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].


2.2. Terminology

   Definitions of key terms for MPLS OAM are found in [RFC4378] and the
   reader is assumed to be familiar with those definitions which are not
   repeated here.

   The following additional terms are useful to understand this docu-
   ment.




Nadeau & Swallow             Standards Track                    [Page 3]


Internet Draft   draft-ietf-mpls-interas-lspping-00.txt       March 2007


2.3. Acronyms

   The following list of acronyms is a repeat of common acronyms defined
   in many other documents, and is provided here for convenience.

     CE: Customer Edge
     PE: Provider Edge ASBR: Autonomous System Border Router
    DoS: Denial of service ECMP: Equal Cost Multipath
    LDP: Label Distribution Protocol
    LSP: Label Switch Path
    LSR: Label Switch Router
    OAM: Operations and Management OA&M: Operations, Administration and
   Maintenance.  RSVP: Resource reSerVation Protocol
     SP: Service Provider


3. Structure of This Document

   The body of this memo contains four main parts: motivation, exten-
   sions to the MPLS echo request/reply packet format, inter-AS LSP ping
   operation, and a reliable return path. It is suggested that first-
   time readers skip the actual packet formats and read the Theory of
   Operation first; the document is structured the way it is to avoid
   forward references.



4. Motivation

   The requirements specified in [RFC4377] stipulate that data plane OAM
   functions must be provided as solutions for service providers. These
   data plane test functions must not only function within an autonomous
   system (AS), but must also function across ASs. Furthermore, these
   tests must function correctly across ASs that span multiple Service
   Provider(SP) domains. At present, the data plane liveliness tools
   function in these capacities only in the narrow (and rarely used)
   case where the IP addresses of LSRs involved are known to each other.
   For example, when the IP addresses from one AS are exchanged through
   routing with other attached ASs. Another case includes the Layer-3
   VPN inter-provider interconnection where the PE addresses are dis-
   tributed between service providers.  However, these cases are uncom-
   mon, and thus the existing LSP Ping [RFC4379] tool is unable to
   respond under most error condition configurations. For example con-
   sider the following configuration. Imagine that PE1 and PE2 are in
   two different provider domains. In this case, it is common for
   providers to NOT distribute the IP addresses of any of the routers
   other than the ASBR.




Nadeau & Swallow             Standards Track                    [Page 4]


Internet Draft   draft-ietf-mpls-interas-lspping-00.txt       March 2007


          {---- AS1 ----}      {---- AS2 ----}
         PE1--P---P--ASBR1----ASBR2--P---P--PE2

   Now, imagine that the LSP that connects PE1 to PE2 contains a fault
   somewhere bewteen ASBR2 and PE2 as is indicated by 'X' between the
   two P routers:

          {---- AS1 ----}      {---- AS2 ----}
         PE1--P---P--ASBR1----ASBR2--P-X-P--PE2

   If an LSP Ping is initiated at PE1 with a destination of PE2 and a
   source of PE1, the packet is label switched correctly until it
   reaches the first P router within AS2.  Here lets imagine that MPLS
   forwarding is disabled on the link between the two P routers. Upon
   discovering this while attempting to process the LSP Ping Request
   packet, the first P router will attempt to reply directly to PE1 with
   the appropriate error code 5.  However, because the address of PE1 is
   actually private to AS1 by virtue of not being distributed by ASBR1
   into AS2, the P router cannot correctly forward the reply to PE1. In
   this case, PE1 may surmise that some failure has occurred, but it
   cannot determine what the error is or where it exists.  This clearly
   does not meet the requirements stipulted in [RFC4377].  This draft
   describes extensions to [RFC4379] that overcome the aforementioned
   limitations, and thus allow for the handling of inter-AS/provider
   cases.



5. Inter-AS TLVs

5.1. Inter-AS TLV

   The Inter-AS TLV Reply Object is an optional TLV that is used to col-
   lect and report the ASBRs along the path of the LSP under test. Only
   one such object may appear in a Reply message.  The purpose of this
   object is to allow the downstream router to relay a Reply message
   from ASBR to ASBR when a failure is detected.  A router will use this
   TLV to look up the last ASBR as indicated as the top-most address on
   the address stack, that forwarded the Request message into its AS,
   and then forward the Reply to that router after popping the address
   from the stack. The Reply message will ultimately be relayed to the
   original soure of the request. This message has one format that con-
   tains the true source and destination addresses of the Request mes-
   sage, as well as a stack of ASBR addresses that were visited while
   forwarding this message. Type 17 is defined for this TLV (to be
   assigned by IANA).





Nadeau & Swallow             Standards Track                    [Page 5]


Internet Draft   draft-ietf-mpls-interas-lspping-00.txt       March 2007


       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      | Type = 17 (Inter-AS TLV)      |            Length             |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |             Source Node IP Address (4 or 16 octets)           |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                    Source Node AS Number                      |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |             Failed Node IP Address (4 or 16 octets)           |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                    Failed Node AS Number                      |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                 Failed Node Contact String                    |
      |                                                               |
      |                       (16 octets)                             |
      |                                                               |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |    SubType                    |          SubLength            |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                 Visited ASBR Address Stack                    |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   SubType:

      Sub-Type #       Length              Value Field
      ----------       ------              -------------
          1              6                   IPv4 Return Stack
          2              6                   IPv4 Trace Stack
          3              6                   Ipv6 Return Stack
          4              6                   IPv6 Trace Stack

   Note that only combinations of 1+2 or 3+4 may be used.  Support of
   mixed IPv4 and IPv6 ASes is beyond the scope of this document.

   Failed Node AS Number:

      This field may contain the AS number in which the node where the
      failure was detected resides. If no AS number is indicated, this
      field MUST contain 0s.

   Failed Node IP Address:

      This must be a valid IPv4 or IPv6 address assigned to the router.

      If the interface to the downstream LSR is numbered, then the
      Address Type MUST be set to IPv4 or IPv6, Failed Node IP Address
      MUST be set to either the downstream LSR's Router ID or the



Nadeau & Swallow             Standards Track                    [Page 6]


Internet Draft   draft-ietf-mpls-interas-lspping-00.txt       March 2007


      interface address of the downstream LSR.

      If the interface to the downstream LSR is unnumbered, the Address
      Type MUST be Unnumbered, the Downstream IP Address MUST be the
      downstream LSR's Router ID.


      Failed Node AS Number:

      This field may contain the AS number in which the node where the
      failure was detected resides. If no AS number is indicated, this
      field MUST contain 0s.

      Failed Node Contact String:

      This field may contains a string of ASCII characters inserted by
      the node where the failure was detected or by its closest ASBR.
      This field MUST indicate contact information such as a provider's
      international phone number and other relevant contact information
      in cases where local policy dictates that a provider will not fill
      in the Failed Node AS number and/or the Failed Node Address.  In
      all other cases, this field MUST contain 0s.


5.1.1. IPv4 Inter-AS TLV

   The value consists of four octets of an IPv4 prefix followed by one
   octet of prefix length in bits; the format is given below.  The IPv4
   prefix is in network byte order; if the prefix is shorter than 32
   bits, trailing bits SHOULD be set to zero.  .





















Nadeau & Swallow             Standards Track                    [Page 7]


Internet Draft   draft-ietf-mpls-interas-lspping-00.txt       March 2007


       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      | Type = 17 (Inter-AS TLV)      |            Length             |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                  Source Node IPv4 Address                     |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                   Source Node AS Number                       |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                 Failed Node IPv4 Address                      |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                    Failed Node AS Number                      |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                 Failed Node Contact String                    |
      |                                                               |
      |                                                               |
      |                                                               |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |    SubType                    |          Length               |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+



5.1.2. IPv6 Inter-AS TLV

   The value consists of 16 octets of an IPv6 prefix followed by one
   octet of prefix length in bits; the format is given below.  The IPv6
   prefix is in network byte order; if the prefix is shorter than 128
   bits, trailing bits SHOULD be set to zero.  This FEC is used if the
   protocol advertising the label is unknown, or may change during the
   course of the LSP.  An example is ani nter-AS LSP that may be sig-
   naled by LDP in one AS, by RSVP-TE in another AS, and by BGP between
   the ASs, such as is common for inter-AS VPNs.


















Nadeau & Swallow             Standards Track                    [Page 8]


Internet Draft   draft-ietf-mpls-interas-lspping-00.txt       March 2007


       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      | Type = 17 (Inter-AS TLV)      |          Length = 5           |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                  Source Node IPv6 Address                     |
      |                          (16 octets)                          |
      |                                                               |
      |                                                               |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                   Source Node AS Number                       |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                  Failed Node IPv6 Address                     |
      |                          (16 octets)                          |
      |                                                               |
      |                                                               |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                    Failed Node AS Number                      |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                 Failed Node Contact String                    |
      |                                                               |
      |                                                               |
      |                                                               |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |    SubType                    |          Length               |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+



5.1.3. Visited ASBR Address Stack

   The term Visited ASBR Address Stack applies to two stacks of IP
   addresses of the ASBRs along the path of an LSP called the Trace and
   Return Stacks.  The two stacks have the same format; however they
   have slightly different semantics. Both stack objects are stacks of
   addresses that denote the list of visited ASBRs. The obeject is a
   stack either an IPv4 address if the TLV SubType field is set to 1 or
   2, or an IPv6 address if the TLV SubType field is set to 3 or 4.

   The Return Stack is to be used in a destructive manner as a means of
   unwinding the path of ASBRs that were used to originally forward the
   Request. Each subsequent ASBR along the path that receives the reply
   should destructively remove itself from the stack.

   On the other hand, the Trace Stack MUST only be added to (i.e.: ASBR
   addresses pushed) and items never removed from this stack.  This will
   allow the source to see the trace of the path of ASBRs once the Reply
   message is returned. In cases where policy dictates that ASBR



Nadeau & Swallow             Standards Track                    [Page 9]


Internet Draft   draft-ietf-mpls-interas-lspping-00.txt       March 2007


   addresses must be hidden, a value of all 0s MUST be inserted into the
   stack, or the stack completely removed prior to forwarding the Reply.
   It is prefered that a blank entry be left, as this will at least
   indicate that there was one hop without revealing its IP address.

   IPv4 Trace and Visited Stack Objects

       The Length is 4*N octets, N is the number of visited ASBRs.
       This object has the following format:

       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                     ASBR IPv4 Address 1                       |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                     ASBR IPv4 Address 2                       |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      .                                                               .
      .                               ...                             .
      .                                                               .
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                     ASBR IPv4 Address N                       |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+


      ASBR IPv4 Address 1, ASBR IPv4 Address 1, ... contain a valid
      IPv4 address.


   IPv6 Trace and Visited Stack Objects

      The Length is 16*N octets, N is the number of visited ASBRs.
      This object has the following format:


















Nadeau & Swallow             Standards Track                   [Page 10]


Internet Draft   draft-ietf-mpls-interas-lspping-00.txt       March 2007


       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                ASBR IPv6 Address 1                            |
      |                ASBR IPv6 Address (Cont.)                      |
      |                ASBR IPv6 Address (Cont.)                      |
      |                ASBR IPv6 Address (Cont.)                      |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      .                                                               .
      .                               ...                             .
      .                                                               .
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                  ASBR IPv6 Address N                          |
      |                ASBR IPv6 Address (Cont.)                      |
      |                ASBR IPv6 Address (Cont.)                      |
      |                ASBR IPv6 Address (Cont.)                      |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

      ASBR IPv6 Address 1, ASBR IPv6 Address 1, ... contain a valid
      IPv4 address.
      IPv6



6. Error Code(s)

     TBD


7. Theory of Operation

   hen tracing an LSP which spans multiple AS, an Inter-AS Reply Object
   s included in the Echo Request.  Initially the object contains only
   he address of the source PE and a Trace stack with that same address.
   s the tracing progress each ASBR copies the trace stack as a reply
   tack, it then pushes its address to the trace stack.  It includes oth
   stacks in an Inter-AS Reply object and sends it in an Echo eply mes-
   sage to the top address in the reply stack.  The receiver f the Reply
   message then verifies that it is included in the reply tack.  It then
   pops its address from the reply stack and e-addresses the Echo Reply
   message to the (new) top element of the eply stack.  This is repeated
   until the source PE receives the cho Reply.









Nadeau & Swallow             Standards Track                   [Page 11]


Internet Draft   draft-ietf-mpls-interas-lspping-00.txt       March 2007


7.1. Adjustments to Outgoing Labels

   When an LSP request is sent from an originator, some adjustments may
   need to be made to outgoing labels:

   Inter-AS cases:

   A) VRF to VRF

      The LSP terminates at the ASBR.  These procedures do not apply.

   B) EBGP redistribution of labeled VPN-IPv4 routes from AS to
      neighboring AS.

      Tracing is performed by incrementing the VPN label begining at
   one.
      If TTL hiding is in effect, then tracing of PSN label is not
      necessary for these procedures.

   C) Carrier's Carrier (CsC): 1) TTL Hiding
      a. Will work as is.
      b. Verification of the core must be done separately by core own-
   ers.
      c. Traceroute can trace both stubs of the 'carried' carrier.

   2) No TTL hiding
      a. Set VPN TTL to 1.
      b. CsC CE or Ps would return to the CsC PE who would relay mes-
   sages
         back to originator.
      c. For traceroute, set VPN TTL=1, and progressively increase the
       IGP TTL by 1 to probe.



7.2. Receiving Echo Replies

   The existing packet processing algorithm as specified in [RFC4379] is
   enhanced as follows to support inter-AS/provider LSP ping/trace.


   When an Echo Reply message is received:

   1) If the packet is addressed to this router
      (i.e.: destination address == this router's router ID):

     a. If the original sender field TLV == this router's address,
        process normally. // today's functionality for a normal



Nadeau & Swallow             Standards Track                   [Page 12]


Internet Draft   draft-ietf-mpls-interas-lspping-00.txt       March 2007


        reply received by the src.

     b. Else this packet has been delivered to this router because it
        is an ASBR and needs to proxy for a P router in its AS to
        return the reply.

        If the inter-AS TLV is present,

        i.  If the last visited AS is empty, set it to the ASBR's
            primary AS#.

        ii. If the stack is empty, this is an error case. The TLV
            SHOULD NOT be present if the stack is empty.

        iii. Else if the top-most address in the stack is this
             router's address.

           1. Pop it from the stack.
           2. Replace the packet's destination address with the
              next address in the stack.
           3. Replace the packet's src address with this ASBR's address.
           4. Optionally, the ASBR may hide (i.e.: remove) information
              that its local policy has been configured for.
           5. Look up the route/next-hop for this address and deliver
              the packet. The ASBR should be able to resolve the
              address because at this point unless there has been an
              error in the return path forwarding, then the packet
              should be at the border of the originating AS. If the
              look-up fails, drop the packet and notify the operator
              of this router that an error condition has occurred.

   When an LSP ping request is received:

   2) If this router is an ASBR
     a. Write the next entry in the Last Seen ASBR stack's address
        as the destination address of the packet and forward it to
        that address.
     b. Otherwise process normally as specified in the LSP ping draft.













Nadeau & Swallow             Standards Track                   [Page 13]


Internet Draft   draft-ietf-mpls-interas-lspping-00.txt       March 2007


8. Security Considerations

   In addition to the Security Considerations from [RFC4379], here are
   at least two approaches to attacking LSRs using the mecha- nisms
   defined here.

   One is a Denial of Service attack, by sending MPLS echo
   requests/replies to LSRs and thereby increasing their workload.  The
   other is obfuscating the state of the MPLS data plane liveness by
   spoofing, hijacking, replaying or otherwise tampering with MPLS echo
   requests and replies.

   Authentication will help reduce the number of seemingly valid MPLS
   echo requests, and thus cut down the Denial of Service attacks;
   beyond that, each LSR must protect itself.

   Authentication sufficiently addresses spoofing, replay and most tam-
   pering attacks; one hopes to use some mechanism devised or suggested
   by the RPSec WG.  It is not clear how to prevent hijacking (non-
   delivery) of echo requests or replies; however, if these messages are
   indeed hijacked, LSP ping will report that the data plane isn't work-
   ing as it should.

   It doesn't seem vital (at this point) to secure the data carried in
   MPLS echo requests and replies, although knowledge of the state of
   the MPLS data plane may be considered confidential by some.


9. IANA Considerations

   [need to request some new Message Types, TLV Types, Return Codes]


9.1. Message Types, Reply Modes, Return Codes

   It is requested that IANA maintain registries for Message Types,
   Reply Modes, Return Codes and Return Subcodes.  Each of these can
   take values in the range 0-255.  Assignments in the range 0-191 are
   via Standards Action; assignments in the range 192-251 are made via
   Expert Review; values in the range 252-255 are for Vendor Private
   Use, and MUST NOT be allocated.

   If any of these fields fall in the Vendor Private range, a top-level
   Vendor Enterprise Code TLV MUST be present in the message.







Nadeau & Swallow             Standards Track                   [Page 14]


Internet Draft   draft-ietf-mpls-interas-lspping-00.txt       March 2007


9.2. TLVs

   It is requested that IANA maintain registries for the Type field of
   top-level TLVs as well as for sub-TLVs.  The valid range for each of
   these is 0-65535.  Assignments in the range 0-16383 and 32768-49161
   are made via Standards Action as defined in [RFC2434]; assignments in
   the range 16384-31743 and 49162-64511 are made via Expert Review (see
   below); values in the range 31744-32746 and 64512-65535 are for Ven-
   dor Private Use, and MUST NOT be allocated.

   If a TLV or sub-TLV has a Type that falls in the range for Vendor
   Private Use, the Length MUST be at least 4, and the first four octets
   MUST be that vendor's SMI Enterprise Code, in network octet order.
   The rest of the Value field is private to the vendor.


10. References

10.1. Normative References

   [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
             Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC4377] Nadeau, T., Morrow, M., Swallow, G., Allan, D.,
             Matshushima, S., "Operations and Management (OAM)
             Requirements for Multi-Protocol Label Switched
             (MPLS) Networks", RFC 4377, February 2006.

   [RFC4378] Allan, D., Nadeau, T., "A Framework for
             Multi-Protocol Label Switching (MPLS)
             Operations and Management", RFC 4378,
             February 2006.

   [RFC4379] Kompella, k., Swallow, G., "Detecting MPLS Data Plane
             Liveness", RFC 4379, February 2006.


10.2. Informative References

   [RFC2434] Narten, T. and H. Alvestrand, "Guidelines for Writing an
             IANA Considerations Section in RFCs", BCP 26, RFC 2434,
             October 1998.









Nadeau & Swallow             Standards Track                   [Page 15]


Internet Draft   draft-ietf-mpls-interas-lspping-00.txt       March 2007


11. Acknowledgments

   The authors wish to acknowledge and thank the following individuals
   for their valuable comments to this document: Azhar Sayeed, Vanson
   Lim, and Mike Piecuch.


12. Authors' Addresses

      Thomas D. Nadeau
      Cisco Systems, Inc.
      1414 Massachusetts Ave,
      Boxboro, MA 01719
      Phone: +1.978.936.1470
      Email: tnadeau@cisco.com

      George Swallow
      Cisco Systems
      1414 Massachusetts Ave,
      Boxborough, MA 01719
      Phone:  +1 978 936 1398
      Email:  swallow@cisco.com



Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any assur-
   ances of licenses to be made available, or the result of an attempt
   made to obtain a general license or permission for the use of such
   proprietary rights by implementers or users of this specification can
   be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at ietf-
   ipr@ietf.org.



Nadeau & Swallow             Standards Track                   [Page 16]


Internet Draft   draft-ietf-mpls-interas-lspping-00.txt       March 2007


Full Copyright Notice

   Copyright (C) The IETF Trust (2007).  This document is subject to the
   rights, licenses and restrictions contained in BCP 78, and except as
   set forth therein, the authors retain all their rights.

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
   THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
   OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.






































Nadeau & Swallow             Standards Track                   [Page 17]


Internet Draft   draft-ietf-mpls-interas-lspping-00.txt       March 2007





















































Nadeau & Swallow             Standards Track                   [Page 18]